Many computer users maintain multiple user accounts across many different computer service entities, such as email accounts, financial accounts, cloud storage accounts, ecommerce accounts, etc. The maintenance and use of user credentials, such as user names and passwords, across so many accounts can be daunting. Single Sign-On services allow users to maintain a single user name/password combination that can be used to access multiple different accounts across multiple entities, but such services do not permit the entities to communicate confidential user information among themselves. For example, a social networking service may partner with a corporate email provider. Single sign on allows the user to access both the social networking service and the corporate email provider using a single user name/password (or other credential) combination, but this does not allow the social networking service to obtain details about the user from the corporate email provider or vice versa. In addition to the privacy issues that would need to be resolved prior to permitting such access, there are technical challenges involved in doing so, especially if such information exchange is going to be bidirectionally initiated (i.e., where each of the providers has the ability to access data from the other) in a seamless manner.
Typically, such sharing of personal data requires user consent via an explicit user agreement and compliance controls. However, there currently exists a mechanism to perform this consent in only one direction at a time. For example, after logging into a social networking service, the user can grant permission to a corporate email provider to access social networking data from the social networking service, but the user would then have to separately log in to the corporate email provider and separately grant permission to the social networking service to access user information (such as contact information) from the corporate email provider.